Updated cicd to test kube-proxy replacement

loxilb-io · Jan 8, 2024 · 7d7692f · 7d7692f
1 parent 5525498
commit 7d7692f
Show file tree

Hide file tree

Showing 5 changed files with 95 additions and 23 deletions.
diff --git a/cicd/k3s-flannel-cluster-ipvs-compat/Vagrantfile b/cicd/k3s-flannel-cluster-ipvs-compat/Vagrantfile
@@ -14,22 +14,11 @@ Vagrant.configure("2") do |config|
 
   config.vm.define "host" do |host|
     host.vm.hostname = 'host'
-    host.vm.network :private_network, ip: "192.168.90.8", :netmask => "255.255.255.0"
+    host.vm.network :private_network, ip: "192.168.80.9", :netmask => "255.255.255.0"
+    host.vm.network :private_network, ip: "192.168.90.9", :netmask => "255.255.255.0"
     host.vm.provision :shell, :path => "host.sh"
     host.vm.provider :virtualbox do |vbox|
         vbox.memory = "4096"
-        vbox.cpus = "2"
-        vbox.default_nic_type = "virtio"
-    end
-  end
-
-  config.vm.define "loxilb" do |loxilb|
-    loxilb.vm.hostname = 'llb1'
-    loxilb.vm.network :private_network, ip: "192.168.80.9", :netmask => "255.255.255.0"
-    loxilb.vm.network :private_network, ip: "192.168.90.9", :netmask => "255.255.255.0"
-    loxilb.vm.provision :shell, :path => "loxilb.sh"
-    loxilb.vm.provider :virtualbox do |vbox|
-        vbox.memory = "6000"
         vbox.cpus = "4"
         vbox.default_nic_type = "virtio"
     end
@@ -54,7 +43,7 @@ Vagrant.configure("2") do |config|
       worker.vm.provision :shell, :path => "worker.sh"
       worker.vm.provider :virtualbox do |vbox|
           vbox.memory = "4096"
-          vbox.cpus = "2"
+          vbox.cpus = "4"
           vbox.default_nic_type = "virtio"
       end
     end

diff --git a/cicd/k3s-flannel-cluster-ipvs-compat/config.sh b/cicd/k3s-flannel-cluster-ipvs-compat/config.sh
@@ -1,5 +1,3 @@
 #!/bin/bash
 vagrant global-status  | grep -i virtualbox | cut -f 1 -d ' ' | xargs -L 1 vagrant destroy -f
 vagrant up
-vagrant ssh host -c 'sudo ip route add 123.123.123.0/24 via 192.168.90.9'
-
diff --git a/cicd/k3s-flannel-cluster-ipvs-compat/kube-loxilb.yml b/cicd/k3s-flannel-cluster-ipvs-compat/kube-loxilb.yml
@@ -110,8 +110,9 @@ spec:
         command:
         - /bin/kube-loxilb
         args:
-        - --loxiURL=http://192.168.80.9:11111
-        - --externalCIDR=123.123.123.1/24
+        #- --loxiURL=http://192.168.80.9:11111
+        - --externalCIDR=192.168.80.20/32
+        - --setRoles=0.0.0.0
         #- --monitor
         #- --setBGP
         #- --setLBMode=1

diff --git a/cicd/k3s-flannel-cluster-ipvs-compat/loxilb.yml b/cicd/k3s-flannel-cluster-ipvs-compat/loxilb.yml
@@ -1,15 +1,92 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: loxilb-lb
+  namespace: kube-system
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: loxilb-lb
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - nodes
+    verbs:
+      - get
+      - watch
+      - list
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - pods
+    verbs:
+      - get
+      - watch
+      - list
+      - patch
+  - apiGroups:
+      - ""
+    resources:
+      - endpoints
+      - services
+      - services/status
+    verbs:
+      - get
+      - watch
+      - list
+      - patch
+      - update
+  - apiGroups:
+      - discovery.k8s.io
+    resources:
+      - endpointslices
+    verbs:
+      - get
+      - watch
+      - list
+  - apiGroups:
+      - authentication.k8s.io
+    resources:
+      - tokenreviews
+    verbs:
+      - create
+  - apiGroups:
+      - authorization.k8s.io
+    resources:
+      - subjectaccessreviews
+    verbs:
+      - create
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: loxilb-lb
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: loxilb-lb
+subjects:
+  - kind: ServiceAccount
+    name: loxilb-lb
+    namespace: kube-system
+---
 apiVersion: apps/v1
 kind: DaemonSet
 metadata:
   name: loxilb-lb
   namespace: kube-system
+  labels:
+    app: loxilb-app
 spec:
   selector:
     matchLabels:
       app: loxilb-app
   template:
     metadata:
-      name: loxilb-lb
       labels:
         app: loxilb-app
     spec:
@@ -20,11 +97,14 @@ spec:
         operator: Exists
       - key: "node-role.kubernetes.io/control-plane"
         operator: Exists
+      priorityClassName: system-node-critical
+      serviceAccountName: loxilb-lb
       containers:
-      - name: loxilb-app
-        image: "ghcr.io/loxilb-io/loxilb:latest"
+      - name: loxilb-lb
+        image: "ghcr.io/loxilb-io/loxilb:debug"
         imagePullPolicy: Always
-        command: [ "/root/loxilb-io/loxilb/loxilb", "--bgp", "--egr-hooks", "--blacklist=veth.|flannel.|cali.|tunl.|vxlan[.]calico", "--ipvs-compat" ]
+        #command: [ "sleep", "72000" ]
+        command: [ "/root/loxilb-io/loxilb/loxilb", "--egr-hooks", "--blacklist=cni.|veth.|flannel.|cali.|tunl.|vxlan[.]calico", "--ipvs-compat", "--k8s-api=cluster" ]
         ports:
         - containerPort: 11111
         - containerPort: 179
@@ -34,6 +114,11 @@ spec:
           capabilities:
             add:
               - SYS_ADMIN
+        env:
+          - name: MY_NODE_IP
+            valueFrom:
+              fieldRef:
+                fieldPath: status.hostIP
 ---
 apiVersion: v1
 kind: Service

diff --git a/cicd/k3s-flannel-cluster-ipvs-compat/rmconfig.sh b/cicd/k3s-flannel-cluster-ipvs-compat/rmconfig.sh
@@ -1,5 +1,4 @@
 #!/bin/bash
 vagrant destroy -f worker1
 vagrant destroy -f master
-vagrant destroy -f loxilb
 vagrant destroy -f host